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(54) Personal authentication system 



(57) An authentication system includes a computer 
1 , an input means 3, a fingerprint database 4, a display 
device 10, an adapter circuit 11, and a fingerprint collat- 
ing device 12. The input means 3 includes a keyboard 8 
and a fingerprint sensor 9. The fingerprint sensor 9 is 
integrated into the keyboard 8. The authentication sys- 
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tern allows a user to perform predetermined operation 
to the computer 1. only when fingerprint information of 
the user detected by the fingerprint collating device 12 
is coincident with fingerprint information registered in 
the fingerprint database 4. 
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Description 

PACKGPOUNP QFTH^ INVENTION: 

[0001 ] This invention relates to a personal authentica- 
tion system and. in particular, to a personal authentica- 
tion system which performs the personal authentication 
by identifying a user's fingerprint. 

Description of the Related Art 

[0002] In the past, a fingerprint reading system has 
been disclosed in Japanese Laid-Open Publication No. 
H1-1 54295 (namely. 154295/1989). The system has a 
relatively large device, for example, an ATM(automatic 
teller machine) or an ECR (electronic cash register), in 
the system, a fingerprint reading head is arranged on a 
top surface of a key which performs a specific function 
determined in the ATM in response to being pushed. 
The system extracts a user's fingerprint from the top 
surface of the key to authenticate the user when he 
pushes the key in question by one of his fingers. 
[0003] Other conventional personal authentication 
systems authenticate a user by checking a password 
supplied by the user, when the user logs in a computer 
system or an application. 

[0004] However, each of these conventional systems 
has problems. In the former system, an input device 
tends to be large in size if a fingerprint reading system 
is integrated into the input device, such as a keyboard 
used in a personal computer system because it has 
never been considered that the fingerprint reading sys- 
tem is used in a small-sized input device. 
[0005] On the other hand, in the later systems, the 
password can be easily stolen by peeping into a screen 
on which the password is supplied, or easily inferred 
from the user's birthday etc. As a result, the systems are 
apt to be undesirably or illegally utilized by people other 
than the user. 

SUMMARY OF THE INVENTION: 

[0006] Therefore, it is an object of the invention to pro- 
vide a personal authentication system which includes a 
small-sized input device. 

[0007] It is another object of the invention to provide a 
personal authentication system which can prevent use 
of the system by other people. 
[0008] According to an embodiment of the invention, 
a personal authentication system including computer for 
use in authenticating a user is provided. The system 
comprises an input means by which tiie user input an 
instruction to ttie computer, a fingerprint sensor which 
detects fingerprint information of tiie user when tiie user 
touches the sensor by ttie user's finger, a storage 
means which is connected to the computer and regis- 
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ters fingerprint information of users in advance, and a 
collating means which is connected to the computer and 
collates the fingerprint information detected by the fin- 
gerprint sensor with the fingerprint information regis- 

5 tered in the storage means. 

[0009] Further the system allows tiie user to have pre- 
determined operation performed by the computer, when 
it is determined that the detected fingerprint information 
is coincident witii the registered fingerprint information 

10 by tiie collating means. 

BRIEF DESCRIPTION OF THE DRAWINGS : 
[0010] 

IS 

Rg. 1 shows a block diagram of a personal authen- 
tication system according to a first enftix)diment of 
tiie invention; 

Fig. 2 schematically shown a keyboard and a fin- 
20 gerprint sensor of tiie personal authentication sys- 
tem shown in Fig. 1 ; 

Rg. 3 shows a flow chart representing log on oper- 
ation of the personal authentication system shown 

in Fig. 1; 

25 Rg. 4 shows a flow chart representing data 
encrypting operation of the personal aiAhentication 
system shown in Rg. 1 ; 

Rg. 5 shows a flow chart representing data decod- 
ing operation of the personal autiientication system 
30 shown in Fig. 1 ; 

Rg. 6 shows a flow chart representing data signing 
operation of the personal autiientication system 
shown in Fig. 1 ; 

Rg. 7 shows a fk)w chart representing signature 
35 verification operation of tiie personal authentication 
system shown in Rg. 1 ; and 
Rg. 8 shows a block diagram of a personal autiien- 
tication system according to a second embodiment 
of the invention. 

40 

DESCRIPTION OF THE PRE FERRED EMBODIMENT : 

[0011] Fig. 1 shows a first embodiment of a personal 
authentication system of the invention. As shown in Rg. 

45 1, the personal autiientication system includes a com- 
puter 1, an input device 3 connected to ttie computer 1 
via an interface 2. and a fingerprint database 4 con- 
nected to the computer 1. The computer 1 includes an 
application software 5. middle-ware 6 which communi- 

50 cates with the application software 5, and a driver soft- 
ware 7 which communicates witii the mktdle-ware 6. 
[001 2] The input device 3 includes a keyboard 8. a fin- 
gerprint sensor 9, a display device 10, a fingerprint col- 
lating device 12, and an adapter circuit 11 which is 

55 connected to these elements 8 - 1 0, 1 2. The adapter cir- 
cuit 1 1 is also connected to tiie computer 1 via the inter- 
face 2. 

[0013] The computer 1 may be, for example, a per- 
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sonal computer (PC), a workstation (WS), a server com- 
puter, or a super computer. The application software 5 
realizes a plurality of operations, such as a log-on oper- 
ation to the computer 1 , an operation of encrypting data, 
an operation of decoding data, an operation of signing 
data, and an operation of verifying a signature. 
[0014] The middle-ware 6 comprises capabilities of 
autheritication result notification and de/ice authentica- 
tion of the keyboard 8. The middle-ware 6 further com- 
prises the capability of personal authentication by 
fingerprint, if the fingerprint collating device 12 has no 
capability of personal authentication. 
[001 5] The interface 2 is structured teased on standard 
of device interface such as RS-232C or USB. 
[001 6] While the input device 3 includes the keyboard 
8, the fingerprint sensor 9, the display device 10, the fin- 
gerprint collating device 12, and the adapter circuit 11, 
the display device 1 0 and the fingerprint collating device 
12 may not be included in the input device 8 but may be 
individually and directly connected to the computer 1 . 
[0017] To detect and collate fingerprint, various kinds 
of well known conventional methods may be used which 
may be. for example, methods disclosed in Japanese 
Laid-open Publication Nos. S55-138174 (namely, 
138174/1980) and S56-24675 (namely, 24675/1981). 
[0018] As shown in Fig. 2, the fingerprint sensor 9 is 
integrated into the input device 3. Responsive to a 
user*s operation of touching the fingerprint sensor 9, the 
input device 3 outputs a signal including detected fin- 
gerprint information to the computer 1 . 
[001 9] The fingerprint sensor 9 may be composed of 
an optical sensor or a semiconductor sensor. When a 
user's finger touches the fingerprint sensor 9. the sen- 
sor 9 detects fingerprint information, generates a signal 
from the information, and sends the signal to the 
adapter circuit 1 1 . 

[0020] The fingerprint information of users is regis- 
tered in advance in the fingerprint database 4. There- 
fore, the computer 1 can collate the fingerprint detected 
by the fingerprint sensor 9 with the fingerprint registered 
in the fingerprint database 4. If the fingerprints are coin- 
cident with each other, the computer 1 allows the user to 
perform the above operations, for example, log-on or 
encrypting data. 

[0021 ] Flow charts shown in Figs. 3. 4, 5, 6, and 7 are 
related to operations of log-on, encrypting data, decod- 
ing data, signing data, and verifying a signature, respec- 
tively. Hereinafter, the operations of the invention will be 
described with reference to Figs. 3 through 7. 
[0022] In Fig. 3. at first, it is determined whether a user 
wants to log-on to a system or application at step SI. If 
the user want to log-on, fingerprint input request mes- 
sage is displayed onto the display device 10 at step S2. 
Next, it is determined whether or not the sensor 9 
detects the user's fingerprint information at step S3. 
[0023] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step S4 and then it is 
determined whether the detected fingerprint information 



is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0024] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
5 is allowed to log-on to the connputer 1 at step S5. XMxer- 
wise, the user is prohibited from using the computer 1 at 
step S6. 

[0025] In Fig. 4. at first, it is determined whether or not 
a user wants to encrypt data at step S11. If the user 

10 wants to encrypt the data, fingerprint input request mes- 
sage is displayed onto the display device 10 at step 
SI 2. Next, it is determined wither the sensor 9 detector 
the user's fingerprint information at step S1 3. 
[0026] If the sensor 9 detects the fingerprint informa- 

15 tion, the process proceeds to step 814 and then it is 
determined whether the detected fingerprint information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0027] If the detected fingerprint information is coinci- 

20 dent with the registered fingerprint information, the user 
is allowed to encrypt the data, at step SI 5, using a key 
assigned to the user (each user having a key which is 
different from each other and which may be stored in the 
fingerprint database 4). OthenA/ise. the user is prohib- 

25 ited from encrypting the data at step 816. 

[0028] In Fig. 5, at first, it is determinec^ whether a user 
want to decode data at step S21 . if the user wants to 
decode the data, fingerprint input request message is 
displayed onto the display device 10 at ^ep S22. Next. 

30 it is determined whether the sensor 9 detects the user's 
fingerprint information at step S23. 
[0029] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step 824 and then it is 
determined whether the detected fingerprint information 

35 is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0030] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
is allowed to decode the data using a key assigned to 

40 the user at step S25. Othen^^ise, the user is prohibited 
from decoding the data at step 826. 
[0031] In Fig. 6,-atfirst, it is determined whether a use 
wants to sign data at step 831 . If the user want to sign 
the data, fingerprint input request message is displayed 

45 onto the display device 1 0 at step S32. Next, it is deter- 
mined whether the sensor 9 detects the user's finger- 
print information at step 833. 
[0032] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step 834 and then it is 

50 determined whether the detected fingerprint information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0033] If the detected fingerprint information is coinci- 
dent with the register fingerprint information, the user is 

55 allowed to sign the data using a key assigned to the 
user at step S35. Othen^/ise. the user is prohibited from 
signing the data at step 836. 
[0034] In Fig. 7. at first, it is determined whether a user 



5.., J 

want to verify a signature at step S41 . If the user want to 
verify the signature, fingerprint input request message 
is displayed onto the display device 10 at step S42. 
Next, it is determined whether the sensor 9 detects the 
user's fingerprint information at step S43. 
[0035] If the sensor 9 detects the fingerprint informa- 
tion, the process proceeds to step S44 and then it is 
determined whether the detected fingerprint information 
is coincident with the fingerprint information registered 
in the fingerprint database 4. 
[0036] If the detected fingerprint information is coinci- 
dent with the registered fingerprint information, the user 
is allowed to verify the signature using a key assigned to 
the user at step S45. OthenA^ise, the user is prohibited 
from verifying the signature at step S46. 
[0037] Next, description of a second embodiment of 
the invention will be made with reference to Fig. S, Fig. 
8 shows a block diagram of a second embodiment of the 
personal authentication system of the invention. The 
system shown in Fig. 8 includes a server computer 13, 
which is connected to a plurality of client computers 14. 
a fingerprint database 18. a fingerprint collating device 
1 9, and a personal database 20. 
[0038] Each client computer 1 4 includes a keyboard 
15, a fingerprint sensor 16 integrated into the keyboard 
15, and a display device 17. The fingerprint database 18 
stores a plurality of fingerprint information of users in 
advance. Fingerprint information of the user who is 
allowed to use the system is stored in the database 1 8. 
[0039] The fingerprint collating d^ice 1 9 collates^ fin- 
gerprint information detected by the fingerprint sensor 
16 with the fingerprint information stored in the finger- 
print database 18. The personal database 20 includes a 
plurality of personal data of users. 
[0040] The second embodiment of the invention is the 
same as the first embodiment of the invention shown in 
Figs. 1 through 7, except that the second embodiment 
includes a plurality of client computers 14, keyboards 
15, and display devices 16 and the personal database 
20. 

[0041] In the second embodiment of the invention, 
when the fingerprint collating device 19 collates the fin- 
gerprint information of a user detected by the fingerprint 
sensor 16 with the fingerprint information registered in 
the fingerprint database 18 and determines that the 
detected fingerprint information is identical with the reg- 
istered fingerprint information, the server computer 13 
sends the personal data corresponding to the user in 
the personal database 20 to the client computer 14 
incoming the fingerprint information. 
[0042] As stated above, a personal authentication sys- 
tem of the invention has a small-sized input device 
because of the integration of a fingerprint sensor into a 
keyboard. Further, the system is not able to be used by 
other people because of personal authentication using 
fingerprint. 



Claims 

1 . A personal authentication system including a com- 
puter (1) for use in authenticating a user, compris- 

5 ing: 

an input means (8) by which tiie user inputs an 

instruction to tiie computer (1); 

a fingerprint sensor (9) which detects finger- 

1.0 print information of the user when the user 

touches the sensor (9) by his finger; 
a storage means (4) which is connected to the 
computer (1) and registers fingerprint informa- 
tion of users in advance; and 

15 a collating means (12) which is connected to 

the computer (1) and collates the fingerprint 
information detected by the fingerprint sensor 
(9) with the fingerprint information registered in 
the storage means (4). and 

20 when It is determined tiiat the detected finger- 

print information is coincident with the regis- 
tered fingerprint information by the collating 
means (12), the computer (1 ) allows the user to 
perform predetermined operation on the com- 

25 puter(l). / 

2. The system of claim 1 . further comprising: 

a display means (10) which is connected to the 
30 computer (1) and displays fingerprint input 

request message to tiie user. 

3. The system of claim 1 , wherein ttie fingerprint sen- 
sor (9) is integrated into the input means (8). 

35 

4. The system of daim 1 , wherein the predetermined 
operation to the computer (1) is one of operations 
including log-on operation to tiie computer (1), 
encrypting data by using a key assigned to the user, 

40 decoding data by using a key assigned to tiie user, 
signing data by using a key assigned to tiie user, 
and verifyirig signature by using a key assigned to 
tiie user. 

45 5. A personal authentication system, for use in 
authenticating a user, including a server computer 
(13) and a plurality of client computers (14), each 
client computer (14) comprising: 

$0 an input means (15) by which the user inputs 

an instruction to the client computer (14) or tiie 
server computer (1 3) ; and 
a fingerprint sensor (16) which detects finger- 
print information of the user when he touches 

56 the sensor (1 6) by his finger. 

and the server computer (13) comprising: 
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a storage means (18) which registers fin- 
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gerprint information of users in advance: 
and 

a collating means (19) which collates the 
fingerprint information detected by the fin- 
gerprint sensor (16) with the fingerprint 5 
information registered in the storage 
means (18). 

6. The system of claim 5. wherein the sever computer 

(13) further comprises a second storage means ro 
(20) vyhich stores personal information of users, 

and when it is determined that the detected 
fingerprint information is coincident with the regis- 
tered fingerprint by the collating means (19). the 
server computer (13) supplies the client computer 75 

(14) which the fingerprint information is detected 
with the personal information corresponding to the 
user in the second storage means (20). 

7. A method of authenticating a user of a computer, 20 
comprising the steps of: 



registering fingerprint information of users in 
advance; 

detecting the fingerprint information when the 25 
user, touches the fingerprint sensor by his fin- 
ger; 

collating the detected fingerprint information 
with the registered fingerprint information; and 
allowing the user to perform predetermined ^0 
operation with the computer, when it is deter- 
mined that the detected fingerprint information 
is coincident with the registered fingerprint 
informatiori. 

35 

8. A computer readable medium which stores a pro- 
gram operable for authenticating a user of a compu- 
ter, comprising the stepd of: 



registering fingerpririt information of users in ao 
advance; 

detecting the fingerprint information when the 
user touches the fingerprint sensor by his fin- 
ger; 

collating the detected fingerprint information 45 
with the registered fingerprint information; and 
allowing the user to perform predetermined 
operation with the computer, when it is deter- 
mined that the detected fingerprint Information 
is in coincident with the registered fingerprint 50 
information. 
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